| 12345678910111213141516171819202122232425262728293031323334353637 |
- Nebula DEFINITIONS AUTOMATIC TAGS ::= BEGIN
- Name ::= UTF8String (SIZE (1..253))
- Time ::= INTEGER (0..18446744073709551615) -- Seconds since unix epoch, uint64 maximum
- Network ::= OCTET STRING (SIZE (5,17)) -- IP addresses are 4 or 16 bytes + 1 byte for the prefix length
- Curve ::= ENUMERATED {
- curve25519 (0),
- p256 (1)
- }
- -- The maximum size of a certificate must not exceed 65536 bytes
- Certificate ::= SEQUENCE {
- details OCTET STRING,
- curve Curve DEFAULT curve25519,
- publicKey OCTET STRING,
- -- signature(details + curve + publicKey) using the appropriate method for curve
- signature OCTET STRING
- }
- Details ::= SEQUENCE {
- name Name,
- -- At least 1 ipv4 or ipv6 address must be present if isCA is false
- networks SEQUENCE OF Network OPTIONAL,
- unsafeNetworks SEQUENCE OF Network OPTIONAL,
- groups SEQUENCE OF Name OPTIONAL,
- isCA BOOLEAN DEFAULT false,
- notBefore Time,
- notAfter Time,
- -- issuer is only required if isCA is false, if isCA is true then it must not be present
- issuer OCTET STRING OPTIONAL,
- ...
- -- New fields can be added below here
- }
- END
|
